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Claims 

[1] A method for requesting authentication from a base station in a wireless portable 

network system, the method comprising: 

(a) transmitting a basic capability negotiation message (SBC-REQ) from a 
subscriber station to the base station in order to establish an authentication mode; 

(b) receiving a reply message (SBC-RSP) on the basic capability negotiation 
message from the base station, and establishing the authentication mode; and 

(c) transmitting an extensible authentication protocol (EAP)-Transfer Request 
message which corresponds to the established authentication mode to the base 
station, and requesting authentication on the subscriber station. 

[2] The method of claim 1, wherein the basic capability negotiation message 

includes a parameter with an available authentication mode in (a). 

[3] The method of claim 2, wherein the basic capability negotiation message is a 

message generated by including the parameter with an available authentication 
mode to a subscriber station basic capability negotiation - request (SBC-REQ) 
message which is one of message authentication code (MAC) messages of the 
IEEE 802.16 privacy standard protocol. 

[4] The method of claim 1, wherein the authentication mode is one of an au- 

thentication mode based on the IEEE 802.16 privacy standard protocol and an 
authentication mode based on the standardized authentication protocol of an 
upper layer in (b). 

[5] The method of claim 4, wherein a subscriber Authentication Request message 

for requesting subscriber authentication by the base station is transmitted to the 
base station in (c) when the authentication mode is negotiated to be the au- 
thentication mode based on the IEEE 802.16 privacy standard protocol in (b). 

[6] The method of claim 5, wherein the subscriber Authentication Request message 

for requesting subscriber authentication by the base station includes an EAP- 
Transfer Information message and an Authentication Request message from 
among privacy key management - request (PKM-REQ) messages which are 
MAC protocol data of the IEEE 802. 16 privacy standard protocol. 

[7] The method of claim 4, wherein a subscriber Authentication Request message 

for requesting subscriber authentication by an authentication, authorization, and 
accounting (AAA) server which is connected to the base station and au- 
thenticates the subscriber is transmitted to the AAA server through the base 
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station in (c) when the authentication mode is negotiated to be an authentication 
mode based on the standardized authentication protocol of the upper layer in (b). 

[8] The method of claim 7, wherein the subscriber Authentication Request message 

for requesting the subscriber authentication by the AAA server is added to the 
PKM-REQ message which is MAC protocol data of the IEEE 802.16 privacy 
standard protocol, and subscriber authentication based on the standardized au- 
thentication protocol of the upper layer is requested to the base station. 

[9] The method of one of claims 4 to 8, wherein the standardized authentication 

protocol of the upper layer is one of an extensible authentication protocol - 
transport layer security (EAP-TLS) and an EAP-tunneled TLS (EAP-TTLS). 

[10] A method for authenticating a subscriber station wirelessly connected to a base 

station in a wireless portable network system, comprising: 

(a) transmitting to the subscriber station a reply message to which an au- 
thentication mode is negotiated according to a basic capability negotiation 
message (SBC-REQ) for establishing an authentication mode provided by the 
subscriber station; 

(b) receiving a message for requesting subscriber authentication from the 
subscriber station and performing the authentication, or requesting subscriber au- 
thentication from an authentication, authorization, and accounting (AAA) server 
which is connected to the base station and authenticates the subscriber station; 
and 

(c) transmitting a reply message for showing authentication results to the 
subscriber station. 

[11] The method of claim 10, wherein the authentication mode is one of an au- 

thentication mode based on the IEEE 802.16 privacy standard protocol and an 
authentication mode based on the standardized authentication protocol of an 
upper layer in (a). 

[12] The method of claim 1 1 , wherein authentication on the subscriber is requested to 

the AAA server through the standardized authentication protocol of the upper 
layer in (b) when the negotiated authentication mode is an authentication mode 
based on the standardized authentication protocol of the upper layer in (a). 

[13] The method of claim 12, wherein the standardized authentication protocol of the 

upper layer is a diameter protocol. 

[14] The method of claim 10, wherein the reply message for showing the au- 

thentication results is an Authentication Reply message from among privacy key 
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management - reply messages (PKM-RSP) which are MAC protocol data of the 
IEEE 802.16 privacy standard protocol in (c) when the subscriber is au- 
thenticated by the base station in (b). 

[15] The method of claim 10, wherein the reply message for showing the au- 

thentication results is added to a privacy key management - reply messages 
(PKM-RSP) which are MAC protocol data of the IEEE 802.16 privacy standard 
protocol, and subscriber authentication results based on the standardized au- 
thentication protocol of the upper layer are transmitted to the subscriber station 
in (c) when the subscriber is authenticated based on the standardized au- 
thentication protocol of the upper layer by the AAA server in (b). 

[16] A method for configuring a subscriber station authentication protocol between a 

subscriber station and a base station in a wireless portable network system, 
canprising: 

(a) transmitting and receiving a basic capability negotiation message (SBC-REQ) 
for establishing an authentication mode between the subscriber station and the 
base station ty using an MAC message; and 

(b) transmitting and receiving a subscriber authentication message according to 
the authentication mode established in (a) between the subscriber station and the 
base station by using the MAC message. 

[17] The method of claim 16, wherein the basic capahlity negotiation message is 

transmitted ty using SBC-REQ and SBC-RSP messages with parameters which 
allow establishment of authentication modes in (a). 

[ 1 8] The method of claim 1 6, wherein the subscriber authentication message is 

transmitted by using PKM-REQ and PKM-RSP messages which are MAC 
messages of the IEEE 802.16 standard protocol or ty using PKM-REQ and 
PKM-RSP messages to which a message for performing authentication 
according to the standardized protocol of the upper layer is added in (b). 

[19] The method of claim 18, wherein a message transmitted fron the subscriber 

station to the base station is a PKM-REQ/EAP-transfer request, and a message 
transmitted fron the base station to the subscriber station is a PKM- 
REQ/EAT-transfer reply, when the message for performing authentication 
according to the standardized protocol of the upper layer has an EAP based 
standardized protocol of the upper layer. 

[20] A subscriber station for requesting authentication from a base station in a 

wireless portable network system, comprising: 
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a station controller for requesting authentication mode establishment used to 
decide the authorization policy, and requesting authentication on the subscriber 
station according to the authentication mode negotiated with the base station; 
a digital signal transmitter and receiver for modulating, demodulating, and 
channel-encoding signals input and output to/from the station controller; and 
an analog signal transmitter and receiver for relaying transmission of analog rad 
io signals between the digital signal transmitter and receiver and the base station. 
[21] The subscriber station of claim 20, wherein the station controller comprises: 

an Authentication Request message generator for generating an authentication 
mode negotiation message and a subscriber Authentication Request message for 
requesting authentication on the subscriber station from the base station, and 
transmitting the messages to the base station through the digital signal 
transmitter and receiver; 

an Authentication Reply message parser for receiving an authentication mode 
negotiation message and a subscriber Authentication Reply message from the 
base station through the digital signal transmitter and receiver, and parsing the 
messages; and 

an Authentication Request controller for requesting authentication on the 
subscriber station from the base station, and controlling operations of the Au- 
thentication Request message generator and the Authentication Reply message 
parser in order to receive a reply from the base station and process the reply. 

[22] The subscriber station of claim 20 or 21, wherein the established authentication 

mode includes an authentication mode based on the standardized authentication 
protocol of the upper layer. 

[23] A base station for authenticating a subscriber station in a wireless portable 

network system, comprising: 

a base station controller for establishing an authentication mode according to an 
Authentication Request provided by the subscriber station, and performing au- 
thentication according to the established authentication mode; 
a digital signal transmitter and receiver for modulating, demodulating, and 
channel-encoding signals input and output to/from the base station controller; 
and 

an analog signal transmitter and receiver for relaying transmission of analog 
radio signals between the digital signal transmitter and receiver and the 
subscriber station. 
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[24] The base station of claim 23, wherein the base station controller comprises: 

a message parser for parsing an authentication mode negotiation message and a 
subscriber station authentication message provided by the subscriber station 
through the digital signal transmitter and receiver, and parsing an authentication 
protocol message of the upper layer provided by an AAA server for performing 
authentication based on the standardized authentication protocol of the upper 
layer on the subscriber station; 

an Authentication Reply message generator for generating a reply message on 
the authentication mode negotiation message or a subscriber Authentication 
Request message provided by the subscriber station, and transmitting the 
message to the subscriber station through the digital signal transmitter and 
receiver; 

an upper Authentication Request message generator for generating a message for 
requesting authentication on the subscriber station from the AAA server, and 
transmitting the message to the AAA server through the digital signal transmitter 
and receiver when the authentication mode is established to be an authentication 
mode based on the standardized authentication protocol of the upper layer during 
an authentication mode negotiation process with the subscriber station; and 
an authentication controller for performing a process according to the Au- 
thentication Request provided by the subscriber station to generate a reply, and 
when the authentication mode is an authentication of the upper mode, requesting 
authentication on the subscriber station from the AAA server, and controlling the 
operations of the message parser, the Authentication Reply message generator, 
and the upper Authentication Request message generator in order to receive the 
reply from the AAA server and process the reply. 



